419 scammer impersonates the nation of Ethiopia, takes $27 million from Citibank

A Nigerian scammer is accused of posing as the central bank of Ethiopia and bilking Citibank out of $27,000,000:

To carry out the elaborate scheme, prosecutors in New York said on Friday, the man, identified as Paul Gabriel Amos, 37, a Nigerian citizen who lived in Singapore, worked with others to create official-looking documents that instructed Citibank to wire the money in two dozen transactions to accounts that Mr. Amos and the others controlled around the world.

The money came from a Citibank account in New York held by the National Bank of Ethiopia, that country’s central bank. Prosecutors said the conspirators, contacted by Citibank to verify the transactions, posed as Ethiopian bank officials and approved the transfers.

When contacted for comment, J. Quincy Moneybags, Citibank’s high poobah, shrugged. “Compared to what we just fleeced out of the U.S. in the dying days of the W administration, no strings attached? That’s, like, a rounding error. From one con man to another, well done, old friend!”

DEAR SIR OR MA’AM OR GIANT MULTI-BILLION DOLLAR FINANCIAL INSTITUTION CURRENTLY RAPING US CITIZENS OUT OF THEIR TAX MONEY,

I WOULD LIKE TO INFORM YOU ABOUT AN AMAZING FINANCIAL OPPORTUNITY. I REPRESENT A SMALL BUT ECONOMICALLY VIABLE NATION KNOWN AS ETHIOPIA. THROUGH A SMALL AND TEMPORARY MISUNDERSTANDING MY FINANCIAL ASSETS HAVE BEEN FROZEN AND I AM IN NEED OF QUICK INFUSION OF JUICY AMERICAN BAILOUT MONIES. I GUARANTEE YOU THAT THERE IS NO RISK INVOLVED IN THIS PROPOSITION. EVEN IF THERE WERE RISK THERE WOULD BE NO RISK FOR YOU PERSONALLY, SINCE YOUR FERTILE LANDS APPARENTLY PRODUCE ROW AFTER ROW OF RIPE AND PLUCKABLE BAILOUT. SO YOU SEE YOU CANNOT AFFORD TO PASS UP THIS AMAZING OPPORTUNITY. FOR A MODEST 27,000,000 US DOLLARS LOAN TO ETHIOPIA YOU CAN NET AN ASTOUNDING 100 HOJILLION US DOLLARS IN ONLY 1.7 MINUTES. THE RETURN ON YOUR INVESTMENT IS SO HIGH THAT WE HAD TO INVENT A NEW DENOMINATION OF MONIES, THAT BEING THE HOJILLIONS. REALLY! IT IS JUST THAT SIMPLE. AND THERE IS ABSOLUTELY NO RISK INVOLVED WHATSOEVER. THANK YOU FOR YOUR TIME. WE EAGERLY AWAIT YOUR SHIPPING CONTAINER OF UNMARKED, NONSEQUENTIAL SMALL TO MEDIUM SIZED US DOLLAR BILLS.

I’m dismayed by the lack of accuracy in the summary here, as the article itself has a very different story. That people like Presto and Halloween Jack use the opportunity to throw about insults that appear to have little basis in the actual story is even more disappointing: I would hope that they would at least have the consideration to read the article.

This was not a 419 scam. It was a Nigerian citizen (in Singapore!) who sent forged wire transfer requests for an account held by Citibank, attempting to have money wired from an account held by the Bank of Ethiopia to other accounts held by his conspirators. Furthermore, the scheme wasn’t successful, and while it isn’t entirely clear, it doesn’t appear that Citibank lost $27 million from the scheme, as the scheme was discovered after the money had been transferred, but before it could be taken from the other accounts. It appears that the conspirators had significant information in running the scheme, as they were able to forge signatures of bank of Ethiopia officials and impersonate them on the phone, and knew about the verification processes Citibank used.

I don’t understand, however, why Citibank used the phone numbers on the documents rather than the phone numbers on file. This would seem to be quite insecure, and isn’t, to the best of my knowledge, standard practice in most banks.

Nevertheless, it should be said that there are mistakes with wire transfers all the time, and the verification can be questionable, as there is such importance placed on the speed of the transfers. I remember waking up one morning to find an unexpected extra million dollars in our account, because someone trying to send us a million dollars didn’t think his fax had gone through, and tried sending the page again…

I remember waking up one morning to find an unexpected extra million dollars in our account, because someone trying to send us a million dollars didn’t think his fax had gone through, and tried sending the page again…

ha! now. wa, was this part or the specifics really necessary to make your point …. please

The point was that banks are often far too eager to process wire transfers, even when even a cursory inspection would point to something being wrong, because they can always reverse them later. I should have noted that it was a company account, though: I certainly don’t have people sending wires like that to me.

I read the article and still do not understand how they were caught. It said Citibank only became aware of the theft after several banks returned the money to Citibank saying they were unable to process the transaction. It didn’t say why they were unable to process the transactions. It didn’t say whether all the money was returned to Citibank.

#5 WA, when verifying the transaction, Citibank did call the phone numbers on file, rather than in the transfer document. The thing is, one month before sending the fax to do the actual transfer, the thieves couriered documents to Citibank instructing them to accept transfer instructions by fax, and enclosing a list of phone numbers to call for verification.

This is where the security flaw lies. Banks normally only phone to verify large transactions. They do not phone to verify changes in instruction and the phone number list itself. They only check the signature on those documents. AFAIK, this is normal practice for all banks, and it still is. So to all those aspiring criminals out there, the door is still open. If you do get caught, don’t blame me though.